In his speech, Lynn is, in
effect, acknowledging that the DOD and the country's top cyber cop, the
National Security Agency, can't possibly monitor all the traffic that passes
through networks in the U.S., but that it can watch for patterns of activities
that can signal cyber-attacks. By analyzing these attacks, the company being
attacked can, not only prevent the attack from proceeding, but it can also prevent
While it's not clear just
how widespread the DIB Cyber Pilot program is, certainly, it's already in use
and meeting with some success. It's also clearly not intended (or even able) to
monitor individual communications. This, of course, makes a great deal of sense.
Preventing an area-wide power-grid collapse, preventing interference with rail
transportation or air-traffic control involves no personal data at all. But
such an attack could cripple the U.S.
Perhaps you remember early
in the summer of 2011 when the computer booking systems at two major airlines
went offline and created chaos for days for travelers around the world. While
there's no public indication that these computer outages were the work of
cyber-attackers, think of what might happen if attackers were to take out the
operations systems of several major airlines.
Or think what might happen
if someone took out the air-traffic control system in the U.S. The entire civil
aviation industry in the U.S. would be grounded, and even military flights
(which depend on civilian controllers on most cases) would be seriously
A similar attack on the
computerized control centers for major railroads would stall freight delivery
across the U.S. An attack on the power-grid control systems could cause broad
regional power outages. Pair these with some other type of attack, and these
systems could be down for many hours or days. What's worse is that the computer
systems that manage power grids, railroad dispatching or airline bookings were
never designed to withstand a cyber-attack. They're only now being updated to
include security in their designs.
The real concern shouldn't
be about an intrusion into private life by the military, but rather how your
private life can be protected from cyber-attacks as it is from physical
attacks. This is clearly a function for which the military is well suited, as
is the NSA.
Wayne Rash is a Senior Analyst for eWEEK Labs and runs the magazineÃÃÃs Washington Bureau. Prior to joining eWEEK as a Senior Writer on wireless technology, he was a Senior Contributing Editor and previously a Senior Analyst in the InfoWorld Test Center. He was also a reviewer for Federal Computer Week and Information Security Magazine. Previously, he ran the reviews and events departments at CMP's InternetWeek.
He is a retired naval officer, a former principal at American Management Systems and a long-time columnist for Byte Magazine. He is a regular contributor to Plane & Pilot Magazine and The Washington Post.